Skip to content
Snippets Groups Projects
Select Git revision
  • 658ea7d7e4c73991adfebab7d96adf961afac559
  • main default protected
  • renovate/solid_queue-1.x-lockfile
  • renovate/importmap-rails-2.x-lockfile
  • renovate/redis-5.x-lockfile
  • renovate/ruby
  • renovate/selenium-webdriver-4.x-lockfile
  • renovate/icalendar-2.x-lockfile
  • renovate/debug-1.x-lockfile
  • renovate/turbo-rails-2.x-lockfile
  • renovate/gcr.io-kaniko-project-executor-1.x
  • eh22 protected
  • update-rubocop
13 results

20240526145815_add_action_to_model_version.rb

Blame
  • default_config.cfg 4.62 KiB
    LDAP_USER_SEARCH_BASE="ou=users,dc=example,dc=com"
    LDAP_USER_SEARCH_FILTER=[("objectClass", "person")]
    LDAP_USER_OBJECTCLASSES=["top", "inetOrgPerson", "organizationalPerson", "person", "posixAccount"]
    LDAP_USER_MIN_UID=10000
    LDAP_USER_MAX_UID=18999
    LDAP_USER_GID=20001
    LDAP_USER_DN_ATTRIBUTE="uid"
    LDAP_USER_UID_ATTRIBUTE="uidNumber"
    LDAP_USER_UID_ALIASES=[]
    LDAP_USER_LOGINNAME_ATTRIBUTE="uid"
    LDAP_USER_LOGINNAME_ALIASES=[]
    LDAP_USER_DISPLAYNAME_ATTRIBUTE="cn"
    LDAP_USER_DISPLAYNAME_ALIASES=["givenName", "displayName"]
    LDAP_USER_MAIL_ATTRIBUTE="mail"
    LDAP_USER_MAIL_ALIASES=[]
    LDAP_USER_DEFAULT_ATTRIBUTES={
    	"sn": " ",
    	"homeDirectory": "/home/{loginname}",
    	"gidNumber": LDAP_USER_GID
    }
    
    LDAP_GROUP_SEARCH_BASE="ou=groups,dc=example,dc=com"
    LDAP_GROUP_SEARCH_FILTER=[("objectClass","groupOfUniqueNames")]
    LDAP_GROUP_GID_ATTRIBUTE="gidNumber"
    LDAP_GROUP_NAME_ATTRIBUTE="cn"
    LDAP_GROUP_DESCRIPTION_ATTRIBUTE="description"
    LDAP_GROUP_MEMBER_ATTRIBUTE="uniqueMember"
    
    LDAP_MAIL_SEARCH_BASE="ou=postfix,dc=example,dc=com"
    LDAP_MAIL_SEARCH_FILTER=[("objectClass","postfixVirtual")]
    LDAP_MAIL_OBJECTCLASSES=["top", "postfixVirtual"]
    LDAP_MAIL_DN_ATTRIBUTE="uid"
    LDAP_MAIL_UID_ATTRIBUTE="uid"
    LDAP_MAIL_RECEIVERS_ATTRIBUTE="mailacceptinggeneralid"
    LDAP_MAIL_DESTINATIONS_ATTRIBUTE="maildrop"
    
    LDAP_SERVICE_BIND_DN=""
    LDAP_SERVICE_BIND_PASSWORD=""
    LDAP_SERVICE_URL="ldapi:///"
    LDAP_SERVICE_USE_STARTTLS=True
    
    SESSION_LIFETIME_SECONDS=3600
    # CSRF protection
    SESSION_COOKIE_SECURE=True
    SESSION_COOKIE_HTTPONLY=True
    SESSION_COOKIE_SAMESITE='Strict'
    
    ACL_ADMIN_GROUP="uffd_admin"
    ACL_SELFSERVICE_GROUP="uffd_access"
    
    MAIL_SERVER='' # e.g. example.com
    MAIL_PORT=465
    MAIL_USERNAME='yourId@example.com'
    MAIL_PASSWORD='*****'
    MAIL_USE_STARTTLS=True
    MAIL_FROM_ADDRESS='foo@bar.com'
    
    #MFA_ICON_URL = 'https://example.com/logo.png'
    #MFA_RP_ID = 'example.com' # If unset, hostname from current request is used
    MFA_RP_NAME = 'Uffd Test Service' # Service name passed to U2F/FIDO2 authenticators
    
    ROLES_BASEROLES=['base']
    
    SQLALCHEMY_TRACK_MODIFICATIONS=False
    
    FOOTER_LINKS=[{"url": "https://example.com", "title": "example"}]
    
    OAUTH2_CLIENTS={
    	#'test_client_id' : {'client_secret': 'random_secret', 'redirect_uris': ['https://example.com/oauth']},
    	# You can optionally restrict access to users with a certain group. Set 'required_group' to the name of an LDAP group name or a list of groups.
    	# ... 'required_group': 'test_access_group' ... only allows users with group "test_access_group" access
    	# ... 'required_group': ['groupa', ['groupb', 'groupc']] ... allows users with group "groupa" as well as users with both "groupb" and "groupc" access
    }
    
    # Service overview page (disabled if empty)
    SERVICES=[
    #	# Title is mandatory, all other fields are optional.
    #	# For permission_levels/groups/infos/links all fields are mandatory aside from required_group.
    #	{
    #		'title': 'Service Title',
    #		'subtitle': 'Service Subtitle',
    #		'description': 'Short description of the service as plain text',
    #		'url': 'https://example.com/',
    #		'logo_url': 'https://example.com/logo.png',
    #		# Basic access group name, service is accessible to everyone if empty
    #		'required_group': 'users',
    #		# Non-basic permission levels, the last matching entry is selected.
    #		# Users with a matching permission level are considered to have
    #		# access to the service (as if they have the basic access group).
    #		'permission_levels': [
    #			{'name': 'Moderator', 'required_group': 'moderators'},
    #			{'name': 'Admin', 'required_group': 'uffd_admin'},
    #		],
    #		# Per default all services are listed publicly (but grayed out for
    #		# guests/users without access). Confidential services are only visible
    #		# to users with access rights to the service.
    #		'confidential': True,
    #		# In-service groups, all matching items are visible
    #		'groups': [
    #			{'name': 'Group "crew_crew"', 'required_group': 'users'},
    #			{'name': 'Group "crew_logistik"', 'required_group': 'uffd_admin'},
    #		],
    #		# Infos are small/medium amounts of information displayed in a modal
    #		# dialog. All matching items are visible.
    #		'infos': [
    #			{'title': 'Documentation', 'html': '<p>Some information about the service as html</p>', 'required_group': 'users'},
    #		],
    #		# Links to external sites, all matching items are visible
    #		'links': [
    #			{'title': 'Link to an external site', 'url': '#', 'required_group': 'users'},
    #		]
    #	},
    ]
    # Enable the service overview page for users who are not logged in
    SERVICES_PUBLIC=True
    
    BRANDING_LOGO_URL='/static/empty.png'
    
    # do NOT set in production
    
    #TEMPLATES_AUTO_RELOAD=True
    #SQLALCHEMY_ECHO=True
    #FLASK_ENV=development
    #LDAP_SERVICE_MOCK=True
    
    # DO set in production
    
    # SECRET_KEY=<long key>
    # FLASK_ENV=production
    # SQLALCHEMY_DATABASE_URI=<path>